1. hizel
  2. cciw-website

Commits

Luke Plant  committed 0f218d8 Merge

Merged from default

  • Participants
  • Parent commits eb366d8, 6c2be14
  • Branches live

Comments (0)

Files changed (2)

File cciw/middleware/http.py

View file
 from django.http import HttpResponsePermanentRedirect
 
+
 class WebFactionFixes(object):
     """
     Middleware that applies some fixes for people using
         if 'HTTP_X_FORWARDED_SSL' in request.META:
             request.is_secure = lambda: request.META['HTTP_X_FORWARDED_SSL'] == 'on'
 
-class ForceSSLMiddleware(object):
-    """
-    Middleware that performs redirects from HTTP to HTTPS.
-    """
-    # We need SESSION_COOKIE_SECURE = True to have any genuine security over
-    # SSH.  But it is a global setting, so sessions won't work over
-    # HTTP. Therefore need to force everything to be HTTPS.
-    def process_view(self, request, view_func, view_args, view_kwargs):
-        if not request.is_secure():
-            newurl = "https://%s%s" % (request.get_host(), request.get_full_path())
-            return HttpResponsePermanentRedirect(newurl)
 
 class ActAsProxy(object):
     """

File cciw/settings.py

View file
 _MIDDLEWARE_CLASSES = (
     (DEVBOX,     "cciw.middleware.http.ActAsProxy"),
     (LIVEBOX,    "cciw.middleware.http.WebFactionFixes"),
-    (LIVEBOX and PRODUCTION, "cciw.middleware.http.ForceSSLMiddleware"),
     (True,       "django.middleware.gzip.GZipMiddleware"),
 #    (DEVBOX,     "debug_toolbar.middleware.DebugToolbarMiddleware"),
     (DEVBOX,     "output_validator.middleware.ValidatorMiddleware"),